april fools virus
Posted: Wed Apr 01, 2009 12:06 am
by onykage
Here is the original article from CNN:
http://www.cnn.com/2009/TECH/03/24/conf ... index.html
People who have this mess know it and are ignoring it. Or they paid some idiot who calls himself a guru to clean their system and he just "patched" it rather than reload it.
99% of users are safe. No need to get worried about it, and no need to get extra security.
You're safe! I promise you. It's BS.
Archived topic from AOV, old topic ID:4543, old post ID:29356
april fools virus
Posted: Wed Apr 01, 2009 1:45 am
by Kwan
page not found.
Archived topic from AOV, old topic ID:4543, old post ID:29361
april fools virus
Posted: Wed Apr 01, 2009 10:35 am
by onykage
link fixed.
lol want a good laugh? Google the Conficker, and you'll notice ALL the virus comps stating they will protect you, and that's one of this bug's jobs: to completely disable virus protection.
I've said this before. Virus protection is a joke. It doesn't happen. I run into people every day that swear by it. And I tell them, they can't protect you against the bugs of today, and they laugh at me. But it's true tho, they can't. 1 simple reason too, federal copyright laws. Ever notice that every time someone gets a bug now it's trying to sell you fake anti-malware tools? There you go, copyright in action.
Archived topic from AOV, old topic ID:4543, old post ID:29363
april fools virus
Posted: Wed Apr 01, 2009 10:57 am
by dprantl
onykage wrote:link fixed.
lol want a good laugh? Google the Conficker, and you'll notice ALL the virus comps stating they will protect you, and that's one of this bug's jobs: to completely disable virus protection.
I've said this before. Virus protection is a joke. It doesn't happen. I run into people every day that swear by it. And I tell them, they can't protect you against the bugs of today, and they laugh at me. But it's true tho, they can't. 1 simple reason too, federal copyright laws. Ever notice that every time someone gets a bug now it's trying to sell you fake anti-malware tools? There you go, copyright in action.
Hmm, I have to somewhat disagree. I work for Internet Security Systems, a division of IBM. Our customers are large corporations and some governments. We have a team here whose sole purpose is to seek out new viruses/worms and provide protection from them. While I agree you cannot be protected from the bug that came out RIGHT NOW, you can be assured that tomorrow you will be. This greatly minimizes our customers' chance of becoming infected. When a critical bug comes out, a level zero is issued to the above-mentioned team and no one goes home until a solution is figured out and a patch/signature released.
Archived topic from AOV, old topic ID:4543, old post ID:29364
april fools virus
Posted: Wed Apr 01, 2009 1:20 pm
by Kwan
I just recently got a virus or whatever you wanna call it. It was doing exactly what you said. Making tons of pop-ups for programs that will supposedly fix the problem.
First thing I did was make sure SpyBot S+D (Free) and McAfee (Free with Comcast Cable) were up to date then scan in safe mode.
And strangely enough it didn't find it. A few days ago I did another update and scanned it and it found it.
I was also making sure to go into msconfig and find out what was running at startup. But something I chose flipped out and was saying you don't have permission to do that, try logging in as an admin. I'm always logged in as an admin.
Archived topic from AOV, old topic ID:4543, old post ID:29365
april fools virus
Posted: Wed Apr 01, 2009 5:47 pm
by Red Squirrel
The IT manager at the hospital where I work mentioned there was a virus outbreak so I was like "crap..." because I checked McAfee ePO and everything looked good. Then he's like "no, like a virus for people" then mentioned the disease name and I was relieved lol. Kinda funny actually since for doctors a virus like that is probably chaos while a computer virus, they could not care less.
Was quite the day today. Had to deploy a Microsoft patch but the day in general was crazy, never managed to get the patch done on time. As long as no non-AV PCs make it to the network we're ok. Hopefully I can get approval to deploy that patch tomorrow.
Archived topic from AOV, old topic ID:4543, old post ID:29371
april fools virus
Posted: Thu Apr 02, 2009 2:58 am
by Captain Kryptus
yeahhh my laptop got the AntiVirusPro virus and it pissed me off to no end, disabling my task manager AND my ability to edit my registry. I also believe it to be the reason why I couldn't download or update anything. I got so furious I wound up destroying the laptop. ><
Archived topic from AOV, old topic ID:4543, old post ID:29387
april fools virus
Posted: Thu Apr 02, 2009 3:50 am
by Dollpartz
onykage wrote:Virus protection is a joke.
I agree completely, especially Norton or any other free antivirus software. It slows your comp dramatically (terrible for gamers) and doesn't offer good security. I guess newbs go out and spend money on antivirus then QQ when they have to reformat.
Best advice is to back up your hard drive and if you get a virus you're pretty much screwed. Reformat ftw.
Archived topic from AOV, old topic ID:4543, old post ID:29391
april fools virus
Posted: Thu Apr 02, 2009 8:20 am
by Red Squirrel
I use Avira as a layer of security, but playing it smart should never even have it detect anything. If a virus gets on your PC it's an issue on its own.
I would never actually pay for AV
Archived topic from AOV, old topic ID:4543, old post ID:29395
april fools virus
Posted: Thu Apr 02, 2009 12:15 pm
by onykage
ok.
Let me explain this to you in detail.
The viruses of the 80s-90s were bugs written with one purpose in mind. Crash your system and give your IT department something to do. Some were written and delivered on purpose and some were programming errors.
The virus of today has a completely different agenda. To make money. People who write viruses today know a hell of a lot more about the Windows operating system than all of us put together.
The new viruses are deployed in 3 different ways.
1: Via email cus you were stupid enough to click a link.
2: embedded into a flash object, ajax, or even the java virtual machine.
3: embedded into a music or video file, specifically (mp3, mp4, wma, wmv).
Once the virus is launched, it does a series of checks before anything else is done, and keep in mind, the rest of this explanation takes place in the timespan equal to less than the time it takes for you to press the "escape" key ~ 250ms.
1: get the active process list and dump it into an array.
2: loop through the array and match active process names to the array provided. This list is normally every legit virus prevention application known.
3a: rank each threat as which one to deal with first.
3b: begin downloading the files needed to complete the task at hand.
4: set each threat in order of threat to sleep 1000ms-3000ms
5: verify that each process is actually not functioning or paying any attention to the current file system and return a value of true.
6: if 5 is not true, goto 4 and repeat. Stop after x number of tries. return a second true once completed.
7: if 5 and 6 are both true, verify the downloaded files and goto 8.
8: assign yourself super user access and start the install.
8a: overwrite at least 2 named Windows system libraries (dlls).
8b: set the profile via registry to assign and modify entries given.
9: hide the source inside of some random bitmap image located in the system32 dir.
10: start the virus.
At this point, your virus protection realizes it was asleep for 1-3 seconds because the time stamps of the last check are different. So it scrambles to start scanning files as fast as possible to neutralize any threats before they start. (your computer starts lagging and becoming sluggish).
At the same point, your trusty copy of Windows Defender kicks off and realizes the same thing, I fell asleep, something must be wrong. It too scrambles to start scanning the Windows file system for changes to protected files. (your computer almost freezes up at this point, if things work at all it's like the computer actually had to think about it first. 5-10 seconds between responses.)
Next, your virus utility pipes in and says "hey I found this threat but I can't remove it" Windows sometimes will kick off an error of some kind, and your newly installed program decides to show itself to you. So it pops up as well and says "Thank you for installing Spy Commander 90001, I have found 200 threats on your computer should I remove them now?".
Now what's fantastic here is, this program actually knows exactly what bugs are on your system, but no other virus program can seem to find all the ones this new "anti-malware" program can find.
What's really happening here is, the entire time this program is running, new threats are constantly being downloaded to your system. The original threats the mal-ware software finds are actually part of that program.
BUT WAIT, There's more!
For the LOW LOW Price of $39.95 I will remove these threats and you are free to use this software for a license period of 12 months.
SOOOOOO...
There are 2 things happening here. The first thing is the viruses are going to find and disable anything that can or could stop it from working. The second thing is because the virus is actually software with a real purpose that is "beneficial" it is automatically covered in the federal copyright clause of 1998 "Any software written which serves a purpose and has a value is automatically protected under the copyright laws that already protect music, art, and literature." You can thank Google for this.
You ever notice how Spybot back in the day found everything under the sun, but as time moved on, it didn't find things you knew you had like Google and Yahoo data miners? That's because Google filed a cease and desist order making it clear that they would ruin any company that targeted their software in any way.
Now you take all of this in, and keep one more startling fact in mind, 85% of computer users not only do NOT actually know how to use a computer other than to check email, get on Facebook, or play World of Warcrack. AND 90% of that number run their machines in ADMIN mode which makes all of this possible to start with.
I can keep going and going with this. FYI, I wrote my Thesis on this subject, which ended up becoming a 200 page book. If I knew Norton, McAfee, Trend Micro, and loads of others wouldn't start a class action lawsuit against me for slander, I would have already appeared on CNN with this.
Trust me, if you want to be virus free, the first step is to NOT use your computer as the administrator. Be a limited user. The next step is easy also, (1) nothing is free including music. (2) stay clear of casino websites. (3) if you need porn that bad, go to an adult shop and buy it. (4) if you don't know them, then don't go to their myspace page. Follow those instructions and I can guarantee you'll never get a virus again.
Archived topic from AOV, old topic ID:4543, old post ID:29407
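Seen from the detection side, the sequence in the post above (security processes put to sleep, then system DLLs overwritten and registry entries set) becomes a correlation rule over endpoint events. This is an added example, not part of the original post: the event schema, the process names and the sample events are constructed assumptions, not a real product's telemetry.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

@dataclass(frozen=True)
class Event:
    ts: float     # seconds since start of capture
    actor: str    # image name of the process performing the action
    kind: str     # "proc_suspend", "proc_terminate", "file_write", "reg_set"
    target: str   # process image, file path or registry key acted on

# Hypothetical names: in practice these come from your own software inventory.
SECURITY_PROCESSES = {"avscan.exe", "defender_stub.exe"}
TRUSTED_ACTORS = {"trustedinstaller.exe"}
TAMPER_KINDS = {"proc_suspend", "proc_terminate"}

def is_system_dll(path: str) -> bool:
    p = PureWindowsPath(path.lower())
    return p.suffix == ".dll" and "system32" in p.parts

def correlate(events, window=10.0):
    """Alert when one actor stops or suspends a security process and, within
    `window` seconds, also writes system DLLs or sets registry values."""
    by_actor = {}
    for ev in sorted(events, key=lambda e: e.ts):
        by_actor.setdefault(ev.actor.lower(), []).append(ev)

    alerts = []
    for actor, evs in by_actor.items():
        if actor in TRUSTED_ACTORS:
            continue
        tamper = [e for e in evs if e.kind in TAMPER_KINDS
                  and PureWindowsPath(e.target).name.lower() in SECURITY_PROCESSES]
        if not tamper:
            continue
        start = tamper[0].ts
        follow = [e for e in evs if start <= e.ts <= start + window]
        dlls = sorted({e.target.lower() for e in follow
                       if e.kind == "file_write" and is_system_dll(e.target)})
        reg = [e.target for e in follow if e.kind == "reg_set"]
        alerts.append({
            "actor": actor,
            "tampered": sorted({PureWindowsPath(e.target).name.lower() for e in tamper}),
            "system_dlls_written": dlls,
            "registry_sets": reg,
            # Tampering alone is worth a look; tampering plus DLL writes is urgent.
            "severity": "high" if dlls else "medium",
        })
    return alerts

# Constructed sample events, for illustration only.
SAMPLE = [
    Event(50.0, "updater.exe", "proc_terminate", "notepad.exe"),
    Event(100.0, "fakeav_setup.exe", "proc_suspend", "avscan.exe"),
    Event(100.1, "fakeav_setup.exe", "proc_suspend", "defender_stub.exe"),
    Event(102.5, "fakeav_setup.exe", "file_write", r"C:\Windows\System32\example1.dll"),
    Event(102.7, "fakeav_setup.exe", "file_write", r"C:\Windows\System32\example2.dll"),
    Event(103.0, "fakeav_setup.exe", "reg_set",
          r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\example"),
    Event(200.0, "TrustedInstaller.exe", "file_write", r"C:\Windows\System32\example3.dll"),
    Event(300.0, "admin_tool.exe", "proc_terminate", "avscan.exe"),
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```

The rule keys on behaviour rather than on a signature for the installer itself, so it does not depend on the sample having been seen before.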
april fools virus
Posted: Thu Apr 02, 2009 1:23 pm
by dprantl
Very good, this is how some of the more troublesome late viruses act. There are two ways our stuff would go about this:
1) The best way, the virus is stopped and cleaned before it ever touches a Windows platform via our network protection appliances. These appliances deconstruct and analyze network packets for threats. Of course, this takes time even with the best hardware, and has a network performance impact.
2) If you are running up-to-date virus signatures, immediately where you say "Once the virus is launched" it is terminated. Since a proper virus scanner system should be continually monitoring every running process, it will immediately match the virus program before it can even start doing any checks. Our driver is Windows kernel-level, so it sees everything. The downside to this of course is that your machine runs slower than it would without it, but our customers hardly care about this. Security is their #1 priority.
That said, the only way to be infected with our system is if you come into contact with a new virus that we have not yet seen and provided signatures for. This is simply unavoidable, since this entire system of protection is unfortunately a reactionary one. There is no way around this, it happens the same way in nature with biological viruses and diseases too. Of course, one way is to not run Windows, but to many this is unavoidable.
I'm not familiar with the intricate knowledge of McAfee/Norton/etc and their protection mechanisms; they may very well be crap. It's too bad we do not sell a solution to regular end users, although if we did they would probably be cost-prohibitive. However, I must say that even a crappy virus protection system is better than nothing at all. Computer users should follow safe computing practices as you stated above Onykage, but please do not run without any protection at all. Even the most experienced user has a chance of mistakenly clicking on something they did not intend to. All it takes is one click and your machine could be completely compromised.
Archived topic from AOV, old topic ID:4543, old post ID:29408
april fools virus
Posted: Thu Apr 02, 2009 1:41 pm
by onykage
dprantl wrote:However, I must say that even a crappy virus protection system is better than nothing at all. Computer users should follow safe computing practices as you stated above Onykage, but please do not run without any protection at all. Even the most experienced user has a chance of mistakenly clicking on something they did not intend to. All it takes is one click and your machine could be completely compromised.
I'm not trying to argue with you, just argue my point.
I've been on the internet since 1987. If you do your research, the WWW didn't exist before 1994. In that time span, I have gotten a virus on one of my systems 3 times. Twice due to someone bringing an infected system onto my network, and once on a blacklisted site that used the jvm to launch and install the threat.
I know your system works at the kernel level, they all do. And because the newer viruses are "virus protection apps" guess what, they run at the same level. So it's only a matter of flipping the switch and turning yours off first.
Now, I get what you're saying about the system you work on. And for big business, it's probably effective. But for standard users, it's not practical or needed. Especially if you follow my rules on virus protection. I mean I have proven results, I have over 70 machines that run with zero virus protection, and used by people every day that have zero computer literacy, and are virus free and stay that way. The only problem I have is Windows, cus it gets real quirky after about 6 months. So you reload the system. And I got lazy about that so I wrote a shell script that automatically reloads every system on my network on a Sunday night once every 6 months. So everyone's system always stays neat and clean. That's partly the reason I have my job, because I do what big companies sell services to do for free, and I can produce the same results with next to zero downtime.
Believe me, it's not what I had in mind for a job with a masters, but hey, it pays the bills.
Archived topic from AOV, old topic ID:4543, old post ID:29409
april fools virus
Posted: Thu Apr 02, 2009 2:22 pm
by dprantl
You and I both; I was running a BBS over the phone lines in the late '80s with my $300 2,400bps modem as a kid. There was FidoNet for messaging, mine was in Zone 6. Never was on Compuserve or Prodigy though (that required money, and my BBS didn't make enough money and was my only source of income when I was 14. I convinced my dad to buy that modem). I think we are on a similar page, except when you say:
onykage wrote:Now, I get what you're saying about the system you work on. And for big business, it's probably effective. But for standard users, it's not practical or needed.
You and I both know what knowledge level the "standard user" is at. They simply don't understand enough about computers to even KNOW what is or is not safe. One thing that they can understand is to install this virus protection program and have it up to date (or it auto-updates for them). There are literally over a million computer viruses out there today. Just because you may be vulnerable to some of these new ones, what about the 900,000 older ones, some of which can leave you with a deleted file allocation table and/or boot sector? We will have to agree to disagree on this one, but IMO everyone should be running an up-to-date virus scanner; there are free ones out there (I'm not talking about the scam-tastic parasitic ones). A good one will not slow a system down too much, and today's computers are very fast anyway. There is no other down-side.
Archived topic from AOV, old topic ID:4543, old post ID:29410
april fools virus
Posted: Thu Apr 02, 2009 2:44 pm
by onykage
Well, see I get this argument almost every day, but from the user perspective. People call me or bring me a system, and it's got a bug on it, and they are like, "I just renewed my subscription with (insert name here)" [Norton, McAfee, Trend Micro, Panda]. "Why didn't it stop this from happening?" I can usually look at the problem and tell them with some certainty where they got the bug from. And 99% of the time, it's a bug that couldn't be stopped anyway. I rarely see anyone with an old school virus, actually tbh, the last virus I cleaned out of a system was "NIMDA". You just don't see "cookiemonster" or "packman" anymore. Hell, remember the y2k bug? LOL that was the biggest scam ever lol. Those older bugs have all but disappeared unless you're one of the idiots (like me) who collect viruses.
So for those old school bugs, yeah it's good to have something, and if I'm not mistaken, most of those old bugs will be stopped by Windows Defender which is on any system running Windows Update since 2003 and later. It's not listed as an installed program in the earlier versions, but it's still a process. And those older bugs don't know to kill the **omitted**32.exe process.
So I guess I can agree to disagree, but I still would like to get as many techs to see what I'm getting at as possible. Because eventually, the only virus problem that will be left will be the viruses released from the virus (protection) companies to generate business. As sad of a statement as that is.
Kinda like my sig, if I can grab any kind of real info about you and stick it in an image, what else can I do with that same image that I didn't tell you I did?
Archived topic from AOV, old topic ID:4543, old post ID:29411
april fools virus
Posted: Thu Apr 02, 2009 3:02 pm
by dprantl
LOL, I remember the company I worked for at the time spending hundreds of thousands of dollars on Y2K. I had just gotten out of college but I was still thinking there's no way anything will happen, what a waste of money.
Archived topic from AOV, old topic ID:4543, old post ID:29412
april fools virus
Posted: Thu Apr 02, 2009 8:57 pm
by Dollpartz
lol I can see 3 things in ony's list that I'm doing wrong, no wonder I get virused so often.
Archived topic from AOV, old topic ID:4543, old post ID:29421
april fools virus
Posted: Thu Apr 02, 2009 9:25 pm
by Red Squirrel
Also a lot of viruses today just "slide in" thanks to IE's lack of proper security. IE has some security, but most corporate applications are designed really crappily and require IT to set policies to disable most of the security for the corporate apps to even work. NEVER code stuff in ActiveX. ActiveX should be left to die, it's the stupidest thing ever. I'm not a big fan of other "interactive web app" languages either like Java and JavaScript. The web should be only for viewing static (to the end user - the server may have dynamically generated it) html pages. If this were the case, there would be way less exploits and crap that can be gotten right by viewing a bad site.
But by not using IE, you decrease your chances by a lot as other browsers are much more secure in nature. This does not mean you're 100% safe though. Even Firefox has some exploits, and that all goes down to the fact that there's too many web based client side scripting/coding stuff out these days.
If you notice any sites I design, I don't use any JS and stuff like that and I can still make it functional. Sadly, most people use more JS/flash/ActiveX than actual html because they figure it's cool and makes them seem smarter.
Also in most cases admin or restricted user won't matter, the web based viruses that "slide in" will just use some privilege escalation exploit to run as admin anyway. Exploits like that as well as remote code execution have always existed in Windows and always will. They always issue patches to fix those type of exploits and a month later there's another.
I've seen corporate machines get infected even when the user is restricted. This usually happens from people searching stuff on Google and accidentally landing on a bad site, then it's simply too late, thanks to IE. Others are simply user stupidity like opening a file they should not.
Archived topic from AOV, old topic ID:4543, old post ID:29431
april fools virus
Posted: Thu Apr 02, 2009 9:30 pm
by Red Squirrel
dprantl wrote:LOL, I remember the company I worked for at the time spending hundreds of thousands of dollars on Y2K. I had just gotten out of college but I was still thinking there's no way anything will happen, what a waste of money.
Y2K was a joke. I did not have a computer back then nor even know anything about them, but I could not understand for the life of me why it would cause an issue, and why they could not just test it by manually setting the clock to 1 second before that date on the computer. I don't get why IT or computer savvy people did not think of this and realize it was nothing but a big scam to get people to spend a lot of money.
And say the computers DID fail. A giant hydro dam turbine is not going to suddenly stop spinning, solar panels will not just melt down, wind turbines will not grind to a halt, electricity will continue to flow. Gas pipeline pumps will continue to spin and send gas to houses, escalators in shopping malls will not just randomly stop moving, elevators won't stop, I could go on.
That said, I wonder what will happen when the Unix timestamp hits the end of a 32-bit long int.
Also, who was the idiot who did not make that an unsigned long int? We could go on for a good 40 extra years without worrying about that one. :p
But again, it will just screw up the time, it won't make machines stop working. :p
Archived topic from AOV, old topic ID:4543, old post ID:29432
april fools virus
Posted: Thu Apr 02, 2009 9:35 pm
by Dollpartz
Firefox or IE offer 'uck all protection, if you want to open something then it's not going to argue with you (except if you're running Vista. Vista argues with your competency all the time). With all the java and flashy crap in websites nowadays explorers will just overlook most things anyway (inclu. viruses).
Y2K was a complete joke, I know the days following up to Y2K everybody was freaking and the T.V was telling me I should be collecting kegs of water, the only thing I was worried about tbh was stocking up on alcohol in case the stores lost power and I had no way to fuel up.
Archived topic from AOV, old topic ID:4543, old post ID:29435
april fools virus
Posted: Thu Apr 02, 2009 9:38 pm
by Red Squirrel
Dollpartz wrote:Firefox or IE offer 'uck all protection, if you want to open something then it's not going to argue with you. With all the java and flashy crap in websites nowadays explorers will just overlook most things anyway (inclu. viruses).
Yeah the stuff that prompts you then it does not matter. But a lot of these viruses use IE exploits where it slides in the PC and installs itself without you even knowing.
But yeah something like a META redirect to a .exe will prompt you and you have to be dumb enough to hit "open". I usually hit "download" then check it out because I'm curious. Sometimes I'll run it in a VM to see what happens.
Archived topic from AOV, old topic ID:4543, old post ID:29436
april fools virus
Posted: Fri Apr 03, 2009 4:38 am
by ggkthx
Last virus I got, which is the only one I've gotten in 10+ years except for one I got on purpose, which was dumb cuz it turned out to be a bitch to get rid of, was something IE related.
I was streaming music on Deezer with Firefox and something wasn't loading right so I finally went and opened it in IE, didn't do anything else but sit at that site for awhile and then my computer started freaking out, with the typical "anti-virus" ad pop-ups etc.
Wasn't too hard to get rid of, but still annoying.
Archived topic from AOV, old topic ID:4543, old post ID:29445
april fools virus
Posted: Fri Apr 03, 2009 2:55 pm
by onykage
ggkthx wrote:Last virus I got, which is the only one I've gotten in 10+ years except for one I got on purpose, which was dumb cuz it turned out to be a bitch to get rid of, was something IE related.
I was streaming music on Deezer with Firefox and something wasn't loading right so I finally went and opened it in IE, didn't do anything else but sit at that site for awhile and then my computer started freaking out, with the typical "anti-virus" ad pop-ups etc.
Wasn't too hard to get rid of, but still annoying.
You may want to dig. Those things are crazy hard to clean out. Especially the ones that overwrite Windows system files. I mean, it's the same file, it just has some changes made to it to allow for that specific exploit to work easier.
I normally just reload the system, it's really the only way to be sure.
Archived topic from AOV, old topic ID:4543, old post ID:29455
april fools virus
Posted: Fri Apr 03, 2009 5:52 pm
by Red Squirrel
Nuke it from orbit.
It's the only way to be sure.
:p
Archived topic from AOV, old topic ID:4543, old post ID:29458
april fools virus
Posted: Fri Apr 03, 2009 9:34 pm
by Dollpartz
I love giving my computer an enema now. I didn't reformat for like 5 years and got used to my computer crashing, running slow, things not loading.. then I finally got frustrated and cleaned it up and I was amazed at how fast and efficient it was being.
I just got a new computer last month and I've already reformatted, only because the guy selling it to me was like
"you wanna watch TV on your computer, I'll install this! free of charge"
"no... really....."
"oooo lookie a flash game, this looks so much fun *install*"
"no I really don't...."
You get the picture. I ended up having a bunch of old granny crap on my new PC and hardly any of it worked.
Archived topic from AOV, old topic ID:4543, old post ID:29464
april fools virus
Posted: Fri Apr 03, 2009 9:42 pm
by Red Squirrel
Reformatting is fun, especially when you have an Acronis image of your last fresh install so it only takes like 30 minutes to be up and running with all your apps, drivers, etc.
I wish I knew about imaging programs back when I had Windows 98. I used to reformat at least twice a week.
Archived topic from AOV, old topic ID:4543, old post ID:29465